Secure Score - Do not allow users to grant consent to unreliable applications

Michael Bennett 51 Reputation points
2022-09-14T15:20:08.207+00:00

In regards to the recommendation from Secure Score "Do not allow users to grant consent to unreliable applications" will removing user consent and replacing with Admin Only cause previously administered user consent to be regressed and lost?

Alternatively, will the consent be maintained?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,139 questions
0 comments No comments
{count} votes

Accepted answer
  1. Andy David - MVP 152K Reputation points MVP
    2022-09-14T15:25:28.827+00:00

    Any existing admin and/or user consent should remain. If the app was not consented by an admin previously and you no longer allow automatic user consent, any future consent requirements for that app and any new app will require an admin to consent for the org.
    Consider also the admin consent workflow enabling:

    https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/configure-admin-consent-workflow

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.